How to remove “Generic.Sality.3.E772AAEE”?

The Generic.Sality.3.E772AAEE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.Sality.3.E772AAEE virus can do?

Unconventionial language used in binary resources: Hebrew
The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Generic.Sality.3.E772AAEE?


File Info:
name: 1667B05F602DC6C803B2.mlw
path: /opt/CAPEv2/storage/binaries/85fcc85fb402376179e2467a93e0e45c1f2b5cc72273e9ab4b70d46cb6a090d1
crc32: 9EA6130A
md5: 1667b05f602dc6c803b2997137711b15
sha1: ac7af2bbb28e335b4d011da8a1e7f43bca75ebdd
sha256: 85fcc85fb402376179e2467a93e0e45c1f2b5cc72273e9ab4b70d46cb6a090d1
sha512: 111a35dcbd7a3d23ff5ad4cf0e0c7713c6a10aace278796ee478699e653b71401c0cba6dd330a147c883cd5325cda6b6323248892da085481495bfe84ef51284
ssdeep: 1536:uql5lb22sVYBl+cYWEJQtU8cO7u2NbvdOc8VKUaOdNeRzFJ:1l5t22sVYBYcYWGQtU5UNZLKQpFJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B0B3CF5223E9950AE1BE1B343D73472429B4BC759A34C32E77E8A68F6C71650CD3538E
sha3_384: 5c7eea6af1ff50faa570d3ee886e3359b3b0bc44f21ba108774ff7a3e939814db71c5d2c7687fa5f4fe1192d7f603464
ep_bytes: 60be00e040008dbe0030ffff5783cdff
timestamp: 2007-12-21 15:22:39

Version Info:
Comments: 
CompanyName: NirSoft
FileDescription: ActiveXHelper
FileVersion: 1.12
InternalName: ActiveXHelper
LegalCopyright: Copyright © 2004 - 2007 Nir Sofer
LegalTrademarks: 
OriginalFilename: axhelper
PrivateBuild: 
ProductName: ActiveXHelper
ProductVersion: 1.12
SpecialBuild: 
Translation: 0x0409 0x04b0

Generic.Sality.3.E772AAEE also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Generic.Sality.3.E772AAEE
FireEye	Generic.mg.1667b05f602dc6c8
ALYac	Generic.Sality.3.E772AAEE
Cylance	Unsafe
VIPRE	Generic.Sality.3.E772AAEE
CrowdStrike	win/malicious_confidence_60% (D)
VirIT	Win32.Sality.BH
Cyren	W32/Sality.E.gen!Eldorado
Symantec	W32.Sality.AE
ClamAV	Win.Malware.Zusy-9956834-0
BitDefender	Generic.Sality.3.E772AAEE
Cynet	Malicious (score: 100)
APEX	Malicious
Ad-Aware	Generic.Sality.3.E772AAEE
Emsisoft	Generic.Sality.3.E772AAEE (B)
Comodo	Packed.Win32.MUPX.Gen@24tbus
DrWeb	Win32.Sector.22
McAfee-GW-Edition	Artemis
Trapmine	malicious.moderate.ml.score
Sophos	Generic ML PUA (PUA)
Ikarus	not-a-virus:PSWTool.Win32.MailPassView
GData	Generic.Sality.3.E772AAEE
Jiangmin	Win32/HLLP.Kuku.poly2
MAX	malware (ai score=87)
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
McAfee	Artemis!1667B05F602D
VBA32	Trojan.Genome.yo
Malwarebytes	Malware.AI.3158270103
Avast	Win32:Trojan-gen
Rising	Virus.Sality/Debris!1.A12C (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/ULPM.16C0!tr
AVG	Win32:Trojan-gen
Cybereason	malicious.f602dc

How to remove Generic.Sality.3.E772AAEE?

Generic.Sality.3.E772AAEE removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X